<?php  


    session_start();


    //error_reporting(E_ALL);

    //connect to the database 
    $mysqli = new mysqli("127.0.0.1", "mishoppa", "lk^36yfgh23GF", "ailerons");

    // check connection
    if ($mysqli->connect_errno) {
        printf("Connect failed: %s\n", $mysqli->connect_error);
        exit();
    }



    if (isset($_SESSION['token']) && $_POST['token'] == $_SESSION['token']) {

        $query = "SELECT * from runways WHERE airport_ident ='CYYZ' ORDER BY length_ft DESC;";

        if ($result = $mysqli->query($query, MYSQLI_USE_RESULT)) {

            while($row = $result->fetch_row()) { 

                foreach ($row as $key => $value) {
                    echo $value . "|";
                }
                echo "<br>";
            }
            
            $result->close();

        } else {

            echo "No results";

        }

        $mysqli->close();
    }

    $token = md5(uniqid(rand(), true));
    $_SESSION['token'] = $token;


?> 

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> 
<html xmlns="http://www.w3.org/1999/xhtml"> 
<head> 
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> 
<title>DB Query</title> 
</head> 

<body> 

<form action="" method="post" enctype="multipart/form-data" name="form1" id="form1"> 
  DB Query: <br /> 
  <input type="text" id="query" name="query" /> 
  <input type="submit" name="Submit" value="Submit" /> 
  <input type="hidden" name="token" value="<?php echo $token; ?>" />
</form>

</body> 
</html> 